← Back

CVE-2024-33865

nvd nist
Published: May 14, 2024Modified: Apr 28, 2025

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An issue was discovered in linqi before 1.4.0.1 on Windows. There is an NTLM hash leak via the /api/Cdn/GetFile and /api/DocumentTemplate/{GUID] endpoints.

Affected (1)

Products: Linqi: Linqi
Linqi
1 product
Linqi
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Linqi
Before 1.4.0.1
Running on/withPlatform Versions
Microsoft
Windows
All versions

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Product
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Product

Timeline

No history available yet.